If I were running a virtual machine, with all traffic always being sent and received through Tor, would this be safe on a public Wi-Fi connection? Surely my traffic cannot be sniffed as it's encrypted?

2 Answers
2

Unfortunately, Tor isn't completely safe. Tor encrypts the data, yes, but it only encrypts between you and the exit relay. Unless there's encryption outside of (above?) Tor, e.g. SSL, the exit relay could snoop on your decrypted data. This kind of proxy/VPN service is only as trustworthy as the people running the servers, and in the case of Tor literally anyone could set up an anonymous exit relay.

If Tor is your only option, the question is: do you trust the public WiFi's operators (and other users, if it's not encrypted other users could see your data) more or some random stranger somewhere in the world?

The only way to be truly secure is if there's some form of end-to-end encryption, e.g. SSL, between you and the eventual destination of your data. Barring that, running your own server to connect through (through an encrypted VPN) is alright, but someone could also intercept traffic between your server and the eventual destination. Still, much safer than Tor or public WiFi.

Tor is just a VPN service, so if you re-word your question to "VPN + Public Wi-Fi … safe?" the anwer would be "Yes, that is the recommended way to get security on a public Wi-Fi for non SSL connections".